The US government has disclosed it is offering up to $10m as a reward for information on people linked with North Korean state-sponsored hacking groups.
The US State Department revealed Tuesday it is interested in information on hackers that are part of groups including Lazarus Group, Guardians of Peace, Kimsuky, and APT38 amongst others.
“If you have information on any individuals associated with North Korean government-linked malicious cyber groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who are involved in targeting US critical infrastructure in violation of the Computer Fraud and Abuse Act, you may be eligible for a reward,” read a notice posted to Twitter.
The North Korean hacking group is the only one to be called out by name on the Rewards for Justice site, which otherwise explains the purpose of the program is to generate useful information “that protects Americans and furthers US national security.” It says rewards are also offered for information on “the financial mechanisms of individuals engaged in certain activities to support the North Korean regime.”
The amount is double the bounty the government offered in March 2022 for information on DPRK-backed hackers targeting crypto exchanges and financial institutions worldwide to support the Kim Jong-un regime's illegal operations.
Lazarus, for example, has been blamed for various high-profile cyberattacks, including the world’s biggest ever crypto-heist when $618m was stolen from Vietnamese developer Sky Mavis and its Ronin Network. In 2020, the hackers exfiltrated $281m from Singapore-headquartered cryptocurrency exchange KuCoin.
The North Korean hackers have also infiltrated mobile phones of well-known personalities, including particular South Korean legislators, to obtain their private data, claimed Mun Chong Hyun, head of the EST security response center (ESRC). He said hackers target organizations on North Korea's websites or build counterfeit Facebook accounts for those functioning in the North Korean industry on an ongoing basis.
Last year, the US Department of Justice unsealed a federal incitement of several suspected members of the infamous Lazarus Group (APT38), said to be linked to military intelligence agency the Reconnaissance General Bureau (RGB). However, North Korea is a notoriously secretive and globally isolated state, making traditional intelligence-gathering efforts challenging.
In 2019, the U.S. Treasury Department banned three North Korean hacking groups (Lazarus Group, Bluenoroff, and Andariel) for funneling financial assets they stole in cyberattacks to the North Korean government.
